Skip to main content

tv   Washington This Week  CSPAN  November 7, 2015 10:00am-12:01pm EST

10:00 am
>> coming up this morning on c-span, a look of the future of warfare. followed by some of our recent road to the white house coverage, featuring candidates jeb bush and donald trump. later, we will be live from the campaign trail with a campaign meeting with hillary clinton in orangeburg, south carolina. >> the senate armed services committee recently held a hearing on the future of warfare, focusing on geopolitical challenges, and the military use of new technology. among the witnesses, retired general keith alexander, who heads the nsa and cyber command. we begin with his opening statement.
10:01 am
mr. alexander: when you think about the rate of cyber security, it is doubling every two years. by theirt is outdated junior year. when you think about the volume of information being created, it exabytes.even we will create more unique information this year than the last five years combined. and, when you look at the civilian side, the top and demand jobs now d did not exist 10 years ago.
10:02 am
technology to solve problems that we did not even know were problems. there is good that will come out of this and health care, and saving people money. when you look at the revolution that will go on in the energy sector, and how we can stabilize our nation and other nations energy sector, and not waste fuel perof dollars in year, this is a huge opportunity for our nation. with that opportunity comes from a this will no ability. when he think about what the defense department is required to do, it rests on that civilian infrastructure. it rests on the communications infrastructure, and all the that aremunications intertwined. our nation, in order to execute warfare depends on mapping there. it is not secure. i would just hit some highlights
10:03 am
of what i think we will face over the next several years. you only need to look at at what happened in a stone yet in 2007. 2008, a service attack. both of those were by russian hackers. i learned this from my. her. she used a dirty word, but we will use "russian hackers." uniquely times russian troops entering into georgia. october,ow, in 2008, is when we found malware on the defense networks. if you jump to 2012, we found a series of attacks against our nation's financial system, largely attributed to iran. it was preceded by a destructive that destroyed the data
10:04 am
on 30,000 systems. orom 2012, august, two 2013, attacks on our financial infrastructure. when you jump to today, home depot, sony, and what hit other you are seeing those nations that disagree with us are looking at ways to come out of using the full spectrum of diplomatic, economic, military form military, the easiest has beena and iran cyber. when you look at what is going on around the world today, if we have a disagreement with russia, or the iran deal goes bad, ovi do not have a meeting of the minds on the ukraine, or something pops up in north korea, i expect these countries
10:05 am
will come back at us with cyberattacks. they can say, not our guys. it is an asymmetric way of hitting our country and can cause tremendous damage. our nation is not ready for these types of attacks across the board. i think the cyber legislation that was brought forward takes is a great step down the road, by think there is more than need to be done. within the defense department, only the defense department can cyber.this nation in homeland security can set standards, but when our nation is under attack, the u.s. cyber command, the nsa, they will be the first responders. let's look at what happened with sony, and use that as a case example to end my opening statements. onwhen sony was hit -- people can say that is not critical infrastructure -- when sony was attacked, we would not
10:06 am
allow sony, as a government, to attack back at north korea. the reason was that you could create a bigger war on the peninsula of korea. but, if sony is not allowed to attack, who does that for sony? that is where our government steps in, with a defense department steps in. networks.see sony's i'm not advocating for the government to be in all of the networks. what i advocate for is a radar system. when a company or sector is being hit, that they can tell the government, at large, i am being attacked. in things have to occur order to do that. the company needs to their game , and much likee a radar system, be able to tell the government that something is going on.
10:07 am
then, the government can determine what to do. all of this have to occur at network speed. it is not a place where you can have someone in the loop making the decision. it is analogous to doing a nuclear exchange, where we are racing down the road, building power points to brief the white house on the next step when the missile comes in 30 minutes, the briefings, and 30 hours -- come in 30 hours. provide any opportunity for us to miscalculate. when you think about what those, who wish us harm, what to do -- if i were a bad guy, i would look at this as a military campaign, and how we want to attack.
10:08 am
i believe those who want to do us harm can do it much like what has happened in 2012, but this time with more destructive tools against our energy sector and our financial sector. if that happens, the cost to our nation would be measured in the trillions. where do we need to go? i think that is one of the .hings that we ought to discuss how we set up and organize within the government and set the rules of engagement to get right.ght -- things and, partner with industry. we need industry to tell is what is going on, but the government has to be there protecting industry. i'm not an advocate of us pushing money from industry for them to go fix their problems. i'm an advocate for industry telling the government that
10:09 am
something is going on. these are areas that i would like to really talk about. when you look at it, and internet, our nation is the one that created the internet. we were the first to do this. we ought to be the first of secure it. thank you, chairman. of thent to get at some trends that general alexander and yourself brought up earlier. we have a very dynamic security environment today, as we talked about in other sessions dynamic, and a very technology environment. what that is doing is transitioning are several decades of military dominance
10:10 am
that we have enjoyed since the cold war into one of competition. we will now have to compete to maintain our war fighting edge against our adversaries. we need to have an effective strategy to goes after the kinds of enduring advantages that we need to be able to have. the last time we were faced with a situation like this was during the cold war. use severaltime, we series of offset strategies that have been described to be able to demonstrate to the soviets that we could hold them at risk, attack targets at home, and attack forces out in the field. weaponsolved nuclear with the strategy in the 1950's, and follow later on with the strategies that the defense alwaysent mounted
10:11 am
keeping the soviets on edge. if the u.s. know would be able to effectively attack soviets at will. these efforts were successful in large part because we were able next phase,the develop capabilities that would be effective in those next phases. , with thea warfare advent of the suffering, the u.s. realized that sonar would be a key feature going into the cold war. as a result, we were able to maintain a dominant position versus the soviets for almost the entire cold war.
10:12 am
our own protect ballistic missile submarines, while threatening those of the soviet union, as well as giving us the ability to attack their submarines out at sea. another area would be stealth. we saw later in the cold war that radar systems were getting better and better. we started to develop stealth technology and low probability detection systems that we would need to be effective against the kind of sensors that the soviets were developing. those capabilities entered at the end of the cold war. we are all familiar with stealth being used in the gopher, and later gave us an advantage of it still benefits the united states today. of benefit came from anticipating that next phase of warfare, developing the capability for it, and moving into that next phase with an advantage that endures.
10:13 am
once again, we find yourself in a situation where we are geographically disadvantaged because our allies are far away, and we have to project power in order to support them, and we are numerically disadvantaged because lots of our potential adversaries have much bigger forces than our own. we need to again look at the approach we took in the cold war and anticipating our next phases , and developing capabilities to be effective in them. that should be the heart of our strategy that we have been talking about. looking at the next phase of missionaries that we think are important in deterring the adversaries we face today. t, i talkhe shif abouts in detail in my written statement, but likely with undersea warfare, quieting subgrades to one in which we use active sonar and nonacoustic
10:14 am
methods. that would mean that the submarines would not have the same benefit as the survivability that they have today. use jammers to counter radars. in strike, we will see the continuation of the trend we felt towards stealth and low probability sensors that target and the cold war, but went on hiatus with the soviet union's fault. -- fall. spectrum -- we have been offering stay with very high powered systems, very technical systems. we will not be able to do that in the future. we will move to systems that are increasingly passive. there are key technologies we have to develop in those areas. last, an arab, sensor advancements will result in situations where small, fast, maneuverable aircraft will not be as efficient.
10:15 am
those are some key areas that we our to be able to take existing advantage and build upon in order to be successful against our adversaries in the future. is obviously an area of competition today. be an area of competition. it looks like, given the policy choices that they united states has made, and will likely make in the future, and our own dependence on those areas. those may not be areas where we have a significant military advantage. b may be in a situation where we have to defend our current capability. we may be forced into a defensive mode. to be able to address these technologies, we must look at how we have developed technology in the defense department. we have talked about the fact that we have an 18 month cycle
10:16 am
and technology, but an 18 mon yr cycle and the defense department. operational concepts. today, we develop technologies absent a real idea of how we would use them. we develop ways of fighting that do not take advantage of new technologies. we need to marry those ideas up and get concepts that leverage new technologies to be able to build requirements that drives acquisition systems to new systems. we also need to look at how we focus our technology investment. today, our technology investment is spread over a large fo portfolio of areas rather than focus on the areas that will give us the greatest benefit strategically down the road. we are watering the flowers, hoping they will turn into trees, when we should focus on the ones that will turn into trees. acquisition reform has been a big topic, a big focus area of
10:17 am
yours. one key area that has not been addressed yet is the need to refine how we develop requirements. what we develop the requirements for new platform, we start from scratch every time we come up with a new airplane, ship, or missile, and to find the requirements for upfront, before we even start building the thing. instead, we need to look at ways to build requirements as we are prototyping technologies to get an idea of what requirements will be feasible. how fast can they go for a reasonable cost. what is achievable in terms of schedule, and what is achievable in terms of performance b parameters. those can be defined by prototyping existing technologies. that is how does this may go about it. in the defense department, we build requirements in isolation of any expectation. refining requirements process would be a key process of speeding up the introduction of new technologies.
10:18 am
we have an advantage. we have an opportunity here with our current technological capabilities, many of which are maturing. we need to make some changes in order to leverage them. i look forward to your questions. thank you. scharre: we are seeing changes in warfare much like how the industrial revolution
10:19 am
led to changes in world war i and world war ii with tanks, aircraft, submarines. the u.s. i has already been a mover and it information revolution -- things like gps, stealth, and things that others have mentioned today. the challenge that we have is this technology is available to others. we do not get a monopoly. as chairman mccain mentioned, many of these inventions are happening outside of the defense sector. we saw, and the goal for, what some of these technologies can do in terms of inflicting damage on the enemy. there is precedent for these kinds of changes. in the late 19th century, the british developed an early model forine gun that they used conquest all across africa. they faced an, enemy that also had machine guns. men andght 20,000
10:20 am
one day. we are not prepared for the changes that are coming, as technology for the phrase to others, and continues to evolve and mature. thousands of missiles now litter the middle east and africa in nonstate groups. now that they have guided weapons, they can target our forces with great position as well, such trading and overwhelming our defenses. exchange ratio favors the office. this old ability of our major assets, our carriers, our ships, with a veryde unfortunate long-term trend in u.s. defense spending -- this precedes the current budget
10:21 am
problem and will continue beyond unless there are some major changes. for several decades, the per unit cost of our ships and risen.ts have steadily indeed, our response is to build more capable assets. we have extremely capable ships, aircraft, submarines, and aircraft carriers, but of course, this drives the cost even further. this has made sense in a world where others do not have weapons that can target us with great precision. we have been willing to make the trade. we have done so, trading quantity for quality. this does not work in a world where others can target us as well with precision, concentrate their firepower on our shrinking number of combat assets. we're putting more and more eggs in a smaller number of vulnerable baskets. the department of defense
10:22 am
largely refers to challenges. the problem is reasonably well understood. the problem is, in launching a new strategy to counter it, a better ship or aircraft alone will not solve the problem we move in the path on, we will build something that is even more expensive and there will be fewer of them. to operate in this area, we need a fundamental shift in our military thinking. we need to be able to disperse ourforces, disk aggregate capabilities into lower-cost systems, operate and deceive the enemy through deception measures and decoy. we need to be able to form an overall enemy defense with low-cost assets. early thinking along these lines is underway in many parts of the department. corps is experiencing
10:23 am
operations.ing the naval postgraduate school has an aerial combat that they are working to develop with drones. a program aims to does aggregate aircraft can billy's entirely into a swarm of low-cost expendable assets. collectively, these hint at the next paradigm shift from fighting as a network of a very small number of expensive assets, as we do today, to fighting as a swarm of a large number of cooperative assets. the main obstacles that stand in our way are not fundamentally and within a, reasonable budget, if we are
10:24 am
willing to make trades, they are not financial. ,he main obstacle is conceptual a willingness to fight with new forms of war fighting. thank you very much. >> thank you for inviting me to join you here today. it is a deep honor. my new book combines nonfiction style research with a fictionalized style scenario of a 21st century conflict to explore the future of war. the choice of scenario is delivered -- deliberate. competition, which could spill into actual conflict either by accident or choice.
10:25 am
in turn, the scale of such a challenge demonstrates the stakes at hand, which hopefully we will not have to wait for to try to change. in my written submission, i cover five key areas that distinguish the future of war and the needed actions we need to take, recognizing the challenges and new domains of conflict in space and cyberspace to dealing with our pattern of buying what i call the pontiac overpromised, -- overengineered, and overpriced. in my remarks, i would like to focus on the new technology race at hand. since 1945, the united states has focused on having an advantage over our adversaries. comes inmption everything from our overall defense strategy to small unit tactics. yet, the u.s. cannot focus on that overmatched in the future.
10:26 am
theftectual property means that we pay for much of the research cost for our adversaries. china, for example, just r&dtook the eu and national with projects ranging from supercomputers to programs. drone this is crucial. it is not just many of our long trusted platforms from warships a forplanes, noble and new actors hands. a new generation of unmanned systems, both more diverse in size, shape, inform, but also more autonomous, and more capable, meaning they can take on more roles from isr to strike
10:27 am
. weapons that use not just cannot kinetics ofst or -- a fist or energy of gun power, but new systems that potentially offense and defense. artificial intelligence, big .ata that will redefine hypersonic's. high-speed rockets and missiles. 3-d printing. human performance modification technologies that will reshape what is possible, and maybe even war. is proper in the challenge is the comparison that will be drawn versus what
10:28 am
we are actually buying today or what we will by tomorrow. our modernization programs are often not too modern. are older programs than you, and some, older than me. this dynamic shapes not just what we buy, but extends their development time, and ultimately, our expectations of how much of it we will buy decades into the future, limiting our future and present flex ability. theabuse a metaphor -- growing cost of the car is driving where we steer the horse. part of the and i got new average to silicon valley, we .truggle with the concept
10:29 am
outdated must be discarded. the roadblocks to disruption play at multiple levels from specific weapons programs to personnel systems and operating concepts. for instance, there is a long record of the government funding products that wither away because they cannot supplant whatever old gear or program factory that is in the way. indeed, there is a term for it -- the valley of death. the same that goes for all that is new and proposals you have heard in these hearings over the last several weeks. to be adopted, some will have to be supplanted. as you program for the future, ultimately what you support and the new game changers, what you eliminate in the old, and what you protect and nurture across that valley will matter more than any single additional plane or tank squeezed into a budget mind item. it may even be the difference
10:30 am
between the win or loss of a major war tomorrow. i would like to close by offering to quotes, one looking back, and one looking forward. the first is where churchill may lack said it best -- of clear thinking, confusion of counsel until the emergency comes, until self preservation strikes, these are the features which constitute the endless repetition of history. the second is from a professor at china's national defense university, arguing how his own nation should contemplate the future of war -- we must bear a third world war developing military forces. we must be mindful of the lessons of the path, but be future and keep the next world war where
10:31 am
belongs, in the realm of fiction. senator mccain: you mentioned that legislation that was recently passed on ciber was a good step forward. what more? the thingn, i think that has to be clear and the legislation, when there is military response required, that has to go immediately to the defense department. is if'm concerned about we set up a process that is delayed at the department of security, how long does that inspection take? what i would encourage is the development of a set of standards, think of it as protocols, where both houses in congress could agree that these types of information hold no personally identifiable information that is necessary for the protection of the
10:32 am
nation, and could go directly to all the parties. i'm not saying cut the out, i'm saying and sure that dod gets it in real time. it would be analogous to a radar. dhs, and they tell you where the missile is. you said it is important to partner with industry. i get the impression that industry is not particularly interested in partnering with us. >> i think there are two parts of that. what i have found is industry is very much into cyber security. they are very much interested in what they share with the government because of liability, but at the end of the day, they recognize that the government is the only one that can contend them from a nationstate like an attack. senator mccain: is the f 35 the last man fighter in your view? >> i do not know if it is the
10:33 am
last because others may continue to construct them, we may as well. , if we aren is thinking about the interwar years, the spitfire, or the or is itsystems -- parallel to the gladiator? i would offer the committee to explore that parallel history of a program that beset the requirements. the requirements were set early, and the world changed around it. seemed things that fantastic about the gladiator, it was outdated before it even left the development cycle, but they continued to push forward with it.
10:34 am
it's nickname was not the coffinor, but the flying . otherr mccain: several paragraphs inherited that moniker as well. buy the 35. we be will have to wrestle with issues you have pointed out -- the per unit cost, how that will affect our long-term plans for how many we want to buy. i have a hard time believing that in the year 2025 or 2030, we will still be buying the same numbers that we expected by now. the world will have changed, the capabilities will have changed. also, the integration with systems. also, what role will it play or be able to play with partnering unmanned systems are managing them? mthere is a sea of change. set -- is that we are
10:35 am
we all agreen: that the pentagon is not structured, nor the command theer structured, to meet challenges that the witnesses have described. take a stab at how we should restructure the pentagon to meet these new challenges. you, mr. chairman. i think one important disconnect that has come to light in the last 15 years is the disconnect between what the pentagon is doing, in terms of long-term acquisitions, and very near-term needs. we saw this in iraq and afghanistan, the creation of all .hese ad hoc processes things that were basically silver bullets. the secretary had to personally fire at a problem to get it fixed. institutionalizing that is important, not just for
10:36 am
counterinsurgency or guerrilla wars, but more important before importantly- more for major wars. the time i is shorter, and the need to enervate is essential, as well as to anticipate these problems. i think there is a lot more to be done, in terms of giving the cocom the voice and creating a pathway. the air force has rapid development -- rapid capability development. >> i would say we need to look at having one process of where weg requirements may want to have a more deliver .rocess
10:37 am
have a separate process where we acquire smaller the programs we develop in dod, where we can develop in concert with other programs. we could take advantage, and bridge the valley, if we instead said that everything that is not a large man program -- for example, weapons, sensors, we developehicles -- requirements along the same time that we develop specifications and plans for the system. it would merge them to a much bigger degree. send mccain: we would not need a
10:38 am
thousand page document for a new handgun? , exactly. all of those technologies are ones that we will harbor from industry or dod labs. why not develop a process that defines the specifications ferry quickly based on what has already been achieved, and we know what the cost will be. >> it strikes me that we are tight about the disconnect between the reality, that we all , and operational outlooks institutional , the equipment, training, everything. the question is, how, in real
10:39 am
?ime, we think those things up and, by having exercises how we actually gain this out in a comprehensive way. i'm recalling, someone mentioned the interwar years. when people were sitting at the war college in newport, thinking about threats, new technology, and providing basis. process bye in the having comprehensive exercises that will force us to answer questions like how do we organize or reorganize? what equipment do we really need ? senator, i think the first thing we have to look at is to on what cyberlook can do to our country. i think in the military, we militarymilitary and
10:40 am
engagements. practically speaking, an adversary will go after a .ivilian infrastructure first when people talk about total war, take up the will of the people to fight. take down the power grid and financial sector, and everybody will forget about these problems, and we are essentially isolated. i think we have to step back and think about this in a more comprehensive manner. what does that mean for the defense department to really protect the nation in this area? i think there is a great start with how the teams have been set up, and what they can do, but i think there is a long way to go. at cyber tenure command, some of the questions came up. do we go from unified unified to separate service. petreaus saide tra
10:41 am
separate service. it is a new way of warfare where our nation is at risk. we could, in the past, separate out the military to overseas. in this area, you cannot do that. the first thing they will go after it our civilian .nfrastructure i think the wargame has to start with that in and with that. it will escalate far faster than any warfare we have seen. looking at the interwar years is a great example. the war did then -- fighters would get together, and play out the wargame on the floor there with play ships, models, and everything, and then go out to do auto experiments to practice what came out of the
10:42 am
process. right now, the department of itsnse is invigorating process and develop capital to put into the war fighting concepts. the war fighting concepts that emerge out of those then need to be taken out, as you are saying, to be experimented with, in exercises with a real operating environment. one other thing that dod does not do well, that they need to start doing a better job of incorporating technology. with the wargame, we give them a problem, and they know the systems, and they go play it out, and figure out the best way to fight, but they are not taken advantage of what technology may offer them and the next 5-10 years, which is really the timeframe that we are planning for. we need to bring in those technology experts that no where technology is going, but not
10:43 am
necessarily how it will be used. by putting those groups of people together, you're more do something different than what we did before. ,n the past with stealth experts came in and said, this is possible, and then operators said, i know how i would use that. we could take that into the field and practice it. >> my time is diminishing. >> thank you, senator. i could not agree that the process of extreme and tatian is critical. i would add that it has to be segregated from sending in an army unit. there may be room for taking some units, we have done in the past, and setting them aside as experimental units, to try new concepts.
10:44 am
>> very rapidly, i think the challenge in the existing system is the exercises are either about validating existing concepts. you hear the phrase often, getting back to the basics. what if the basics have changed in the interim? it is different from the interwar years. those were very valuable, not only in showing what to buy, and how to use it, but who. linking the personnel exercises to your system. a big issue is that the budget .s not preventative of it they went through the great depression and figured out aircraft carriers. it is often the culture of an limitation. finally, be aware of the lessons that they save they will adopt,
10:45 am
but only in an uneven manner. we taking capabilities and putting them into old boxes. we have build up cyber command, but still have a system where they found significant motor abilities in every major weapon system. assume that this is much broader than the department of defense. this has to be a hugely conference of exercise involving the federal reserve, the department of defense, major utilities, everyone engaged. i assume everyone agrees with that. thank you, mr. chairman. >> first of all, general alexander, i appreciate the time we had -- i learned a lot in the time we spent together in your
10:46 am
position. it was very meaningful. i recall when i was first elected -- i came from the house to the senate and replaced david boren, chair of the intelligence committee -- he told me at that time, one of the problems we were never able to deal with was the fact that we have all of this technology, and all these things we're finding out, and yet, we seem to be competing with ourselves. we have the fbi, the cia, the nsa. i'm kind of seeing the same thing. we made some headway. in fact, during the bosnia thing, all of the enemies were in one room together, at least they were talking. you mentioned in your statement, private entities cannot afford alone, andthemselves that the u.s. government is only
10:47 am
one that can and should fire back. i would seems to me -- ask you how this should be restructured. thehave each one of these -- nsa, they have a cyber division, the cia, all of that. how would you envision restructuring this? i'm going to take from what i talked with secretary gates about. i thought he had the greatest insights. when you look of the departments responsible for protecting this homelandyou have security, department justice, and department of defense. practically speaking, all of the practical talent lies with the nsa, and hence, the reason you put cyber command there. you marry those pieces. the fbi has great talent, but
10:48 am
they do not have any of the deep technical talent that came out of world war ii for encryption, decryption, and the things that really help a network operate. when you talk about network operations, that is probably the best expertise. the question then becomes, what do you do that brings those three departments together? i would ask you to reach out to him and get his thoughts on it. he had some great insights. we actually started down that road, and it fell apart at one point. i think that is where our country needs to get to. that allows you to look at what you will do to defend the nation, and what you will do to recover when bad things happen. both of those have to be synchronized as we go forward. it goes back to what senator reid brought out. if our nation is a tax, and they take out the power grid, where
10:49 am
is your first priority for the future of the nation? and that is something that has how will i defend this country, first and foremost, it has to be put on the table. that is what i would do. i have not been able to think of a way of collapsing all of the intelligence is together, unless you just smash them together under the dni. i don't know better way off the top of my head to do that. >> i was going to bring up the effort you have made in that going out to the university. the chinese, they are teaching their kids. let me, real quickly, get back to the fact that the statement
10:50 am
that was made about gates, talking about how we never have once gotten it right. i can remember the last year i served on the house armed services committee, 1994. i recall when we had experts testifying, and one of them said that in 10 years we would no longer need ground troops. that is an example of what is out there, and a reality that we have not been getting it right. one thing i think bob gibbs gates got right, when he was on the panel -- incidentally, we have had great panels of thinks, people from tanks, universities. inob gates said --
10:51 am
all of your comments, and you are saying, we are not giving in defendinghasis america. you think that we need to -- say yes or no down the table -- to reprioritize making defending america our number one priority again? is incrediblyon strategic -- on unstrategic. how we deal with that will determine success or failure. >> i think that is yes. >> i recognize that there are some very difficult the my domec compromises. it is clear that we are not spending enough on defense today. >> yes.
10:52 am
, thank you, mr. chairman. all for being here today. general alexander, if i could ask, which country, or which group has the most to gain to america?attack russia, china, isil? who do you rank as number one? >> each of them have different objectives. with russia, when we disagreed on the crimea, we saw increased attacks on target and home depot from their hackers. >> how does that benefit them? hackersgive their freedom. they feel they make money. .e get hurt
10:53 am
the same thing with iran. you look at the disruptive attacks on wall street. they are sending a message. will firection us, we back. and china, it is different. china is all about building their economy. all they are doing is stealing everything they can to grow their economy. it is intellectual property, our future. i think it is the greatest transfer of wealth and history. interestingly, we could stop that, i believe that, i really do. if i could, what senator reid hoffsenator anim brought up -- industry is willing to pay their portion for cyber defense. i'm convinced of that. if they did their part right in defending what they need to, and setting up the ability to tell the nation when they are under attack, you could stop attacks from iran, russia, and china.
10:54 am
nsa.t me ask you about the we are talking about all of this outside interest in attacking the united states for many reasons, as you just stated. what have they done to stop the edward snowden's of the nsa from inside attacks? in 2013t up a program -- interruptsorry to you. wasn't a surprise to you? i know you were there. >> i was surprised that one person that we trusted to move anotherm one server to was not trusted. >> you had him at a high level? low levela very administrator who had the important job of moving information from servers and the cotton no united states to hawaii.
10:55 am
we came up with a series of things that could be done, and share those on how to stop insider attacks. when i talked to financial institutions, more than 50% of their concerns come from insider attacks. these are things that are going on. it is all in the behavior and modeling. i think we did a good step. we were caught flat-footed on snowden. >> you are not sure if other private organizations have taken your advice? >> for sure in the nsa because we ran tests. we ran backward data and found that we detected them each time. >> how damaging was the information that he has shared, or stolen and take it with him? usuallynk it was
10:56 am
damaging. you can see what the dni recently set about support to our troops in afghanistan, the fact that some of that information has gotten out, and our ability to detect adversaries in afghanistan has been impacted. the same thing with terrorist attacks. it has set us back. i personally believe what he is doing with russia is hurting our country. >> you think that snowden should be treated as a traitor and tried as such? >> i do. >> thank you, senator mccain for your leadership and for the series of hearings we have been having. i will join with you and your comments about our breaches and snowden. i think it is very important. i do not sense, for my study,
10:57 am
that we are having any forificant gratitude individual liberty. targeting every little person for what they favored -- we do not have anything like that with regard to our defense analysis. several years ago, my subcommittee talked about the threats we might have to our missile and space systems, and that we have reports and analysis of that. sander levin who chaired the committee at the time agreed that this was not only a problem for our missile systems, but for our entire defense system. legislation, general
10:58 am
,lexander, that focuses on that and calls for analysis of our nowerabilities, and puts $200 million towards identifying response,reating a and plan to protect our vulnerabilities. i will ask you and mr. clark about that, if you would like to share thoughts about it. first of all, are you familiar with the legislation? do think it is a step in the right direction? do we need to go further? are we vulnerable, and can we take actions that would improve limiting our vulnerability? i'm not 100% state in it, but i am unaware of it. i think on the vulnerabilities, we have to continue to upgrade how we do that. let me give you an example. when i had cyber command, the
10:59 am
issue that we faced was 15,000 enclaves. how do you see all of those enclaves? when i asked, how do i know these guys are fixing the vulnerabilities and doing everything we told them to, they report up. it cascades of. a simple fix is done at manual speed, it takes months. it should be automated. i think it is a step in the right direction. i would encourage you to look at parts ofn now automate this. i think it is crucial to block in those attacks. i think what you are doing is right. i think there are steps we could take to go be on that, and i would be happy to talk to some of your people on that. >> thank you. by the way, mr. clark, i saw you had the distinction of serving on the nuclear submarine alabama. that is special to me. tell senator mccain what you say
11:00 am
when you finish off on your announcements on the alabama. mccain: deeply moving. it is. i would say, we need to move towards using automation to a greater degree to protect our systems from cyberattackand alsd to modernize our network that deal with missile defense to reduce the number of separate systems involved and reduce the .mount of surface area the enclave he described how this vulnerability to attack. need to sort of bring more of those into the same enclave to defend one perimeter as opposed to hundreds of parameters. of those areas where we have had legacy systems cobbled together over time we have a bunch of different
11:01 am
are nowthat interconnected as opposed to having one system that is able to protect itself automatically. that goes back to the automation idea. a couple other things with regard to our vulnerability in theine with don't -- idea that there are countries that are developing satellite that our small family's design to repair or put new batteries in two other satellites could also be used to attack a satellite without generating the kind of debris we would normally assume would deter someone from attacking inside in space. using technologies that would allow attacks in space is something we have to consider as well in terms of how to we protect our satellite infrastructure. >> thank you. mr. shaw, dr. singer? >> thank you sir.
11:02 am
i was out on the space side. an important component of enhancing our resilience is off .pace backups and networks in part to protect our assets but also to reduce the incentives for attacking them in space. there was a program to build a communication network for a number of years that is considerably underfunded, in large part because it is the kind of thing that does not strike as a service. that is something else to add. -- dr.singer dr. >> singer? >> thank you senator. we should not lean too much on the cold war parallels of deterrence and mutuality of risk on, thinking that showing our ability to hit back will deliver 100% security. and also the idea of the creek timeline.
11:03 am
yes, cyber works at digital's bead, but for example attacks take not days but months, sometimes years to put together. on average it is a time. a -- on average it is about three years between the time the attackedstarts and the person knows about it. maybe we need time to pause it, study it, steer them to places where they cannot cause harm. the parallels are not exact. the deterrence model that i hope we look for is more often deterrence by denial, which is building up resilience, whether it is in space by moving from billion-dollar single point of failure that can be easily taken out to networks of smaller cheaper satellites. within that i hope that we are
11:04 am
willing to look at alternative approaches and stop trying to take new capabilities and put them into old boxes. ourexample i would contrast approach and the way it has not done a great job with pulling in estonia talent to -- was mentioned as a model of a victim, one of the worst victims of state-level cyberattacks, but able to build up a level of resilience that we do not have. i would suggest that as a model alternative to our approach. >> thank you. >> mr. chairman. >> one of the problems with the estonian model is the privacy issue that causes many of the industries here to be resistant to that model. >> thank you mr. chairman and take us all -- thank you half
11:05 am
for testifying this morning. if i could ask each of you to give a very brief response as we look at cyberattacks and other attacks to our cyber grids. othery come from non-nationstates? >> i think the greatest concern comes from nationstates, the most frequent attacks come from hackers, terrorists, and others. >> i agree. i think the greatest threat is from nation states. >> does anybody disagree? >> i guess i would disagree. i think on a large scale nationstates can bring more power to bear, but the issue of frequency and likelihood, it is absolutely necessary that we think about threats.
11:06 am
it is clear that nonstate access can cause quite a bit of action and deterrent is less effective. >> i think i understood you to say that we could stop attacks .rom iran, russia, and china their willingness to invest in their own cyber security. how should the operation be organized? think first, having the right cyber technology is a copy has an approach that allows a commercial entity to understand when they are being attacked or exploited, the ability to share that information both from cyber legislation and from a technical perspective. the ability for the government to receive and then to respond. i do think it is here where the war gaming and everything would go on.
11:07 am
what should your response be if these events occur? >> if we can do that should be organized under the dod or organized somewhere else? why have we not done already? >> this goes back to the organizational structure that was asked previously. we have parts of this that is really responsible for the resilience. we have the dod defend the nation and then we have the department of justice responsible for criminal activities. what secretary gates said is you have those three but they are all talking about the same domain and you can go very a non-nationstates actor acting like a nationstate actor. we have to have wargames and we have to organize ourselves right.
11:08 am
we don't have the legislation to allow it to occur. >> are you suggesting that we should organize that within the department of defense? i think the department of defense has to have the key is not the lead role to --, because when push comes to shove and 70 has to respond for the good of the nation it is the defense department. if our nation is under attack they are the ones were going to be held accountable. >> thank you. wrote about the dangers of radical transparency and how our adversaries would be able to wait what our military -- exploit what our military does. suggest whatin or we might do to respond to that? >> sure. i think there are couple components. one is the digitization of government data.
11:09 am
certainly we have seen this with chelseamanning -- manning. but i think there is also an security in terms of our operations being conducted. there is this era of big smartphones where every action can be recorded. i worry that our forces on the ground are not adequately prepared. we have seen one off incidents in these wars where there is an incident like koran burning or someone urinating on corpses. in a world where every action is recorded and tweeted in real time, that is something i don't think we are prepared for. from my personal experience fighting on the war in iraq and afghanistan, occasionally we have interactions with the population where things are rough. is a veryt go viral
11:10 am
different kind of environment. >> my time is up, but mr. chairman, if i could ask this one more question. secretary gates when he was here reference the fact that u.s. information agency is defunct now and that our strategic efforts to communicate really pale in comparison to some of our adversaries. certainly that is true with russia. so how do any of you suggest that we better respond to that, and should those efforts to get out, given the challenges of ,ransparency that you mentioned how do we do that and who should head that ever? should it be defense, should be the state department? i think it is -- >> i think it is worth exploring the idea of a new agency.
11:11 am
certainly we do need to adapt our communications to this digital and social media age. area we have not fully exploited is taking advantage of the demonstration of new technologies, whether they are , andssful or not communicating that to potential adversaries to create an uncertainty in their mind. i think we can turn that radical transparency around by creating uncertainty in the minds of our enemies. >> i certainly agree with dr. singer. areart of why they successful at it is they are using a technology that is i wouldly networked, so
11:12 am
guard against us coming at it with a kind of 1940's centralized approach. secondly, they know specifically what they want to do. we have not yet figured out to counter the narrative or take them off the network, or in turn take advantage of this very same radical transparency. isil isand i still -- getting its message out, on the other hand we are gathering more information about them than any advocate -- enemy before. third, why have they been able to do it in some manner is that they have cohesion between their communication strategy and their battlefield operation. for example, before they launch the operation against most of -- things ready to go. we do not have that kind of cohesion. >> thank you all, thank you mr. chairman. chairman.ou mr.
11:13 am
>> dr. singer, earlier you said unither unit cost -- per cost was prohibitive. i would like to open it up to the entire panel and ask what can we do about cutting? where can we do less? a lot of times we talk about where we can do more. i would like your opinions on where we can do less with research, with find -- with training. what won't we need in the future? dr. singer. >> i think you have heard from the panel many good ideas and the question is whether we will be able to implement them, with shifts from our professional military education all the way to the example of distinguishing between the types of systems and the requirements that we build for them when we approach it. systems.em of legacy
11:14 am
another thing i would put specifically on the table is our tendency to plan and assume for then we actd surprised when things don't work out that way. that was what i was referencing with the war problem, where we have systems -- and again, all of you are thinking about certain systems in terms of we developed a warship that a tester says will not be survivable in campus -- combat. or a taker aircraft -- tanker aircraft not intended to be used in anything over a media threat environment. what i'm getting at is that we to dealn, in an attempt with the per unit cost it is shaping everything. we cannot change the amount we
11:15 am
were intending to buy because of what it will do to the per unit cost of it. we should be able to re-visualize how certain weapon systems can take on new important roles. the way the b-52 bomber for example went from deterrence operations to air support. we may be able to rethink that approach and everything from tot is an aircraft carrier the long-range strike bomber. is it just for strike or will it be able to take on isr combat role in the future? these are possibilities. we have to allow them to happen. thank you senator. i think there is an issue of quantity, not just to have fewer numbers but to trade that for large numbers of lower-cost systems.
11:16 am
think of them as a quarterback behind the fight. a bomber that is not just securing access to the fight that a pilot that is controlling a swarm of maybe lower-cost unmanned vehicles. submarine that is controlled by a hub of undersea vehicles. points tois sort of is separating the platform from the payload. ist we have done in the past developed the aircraft with all of the systems built into it and then we would periodically modernize it by teri at all apart and rebuilding the technology every 10 or 20 years. we would do that by buying much
11:17 am
cheaper and less equipped things and then adapting them with a payload over time. a radar system or a passive radar sensor. that is much quicker than that of the overall platform. we can afford to get cheaper platforms. in terms of what we have today i would not say we want to throw things on the scrapheap, but we want to look at ways we can payload,t with a instead replacing them with another highly integrated airplane or ship. take out the old stuff that is to start reducing the cost of these platforms in the future. give the f 35 is an example, maybe it is the last aircraft we buy that is really equipped as a strike fighter. to get to dr. singer's point, maybe you end up with air lanes in the future that are larger centers and the payload changes to accommodate
11:18 am
that. >> center, i think one of the things we should look at is the commercial industry spends billions if not trillions of dollars a year on cyber security alone. when you think about all that money that is being spent it is being spent to solve their problems. but if they work together they create a sector solution, and that sector solution could be very important for extent -- protecting our country. if we had government and industry work together in a way that was eating full so that what they applied their resources to help us a more reflective surface and cyber then we tell the government when the government has to act. you could for lucas -- focus government resources where they are really needed. of looking atea the energy sector, the health care sector, and the government together, put those in a room and look at what they are doing. what you would find out is one
11:19 am
big bank alone is spending almost 750 million -- $750 billion a year on cyber security. what if it was done in a way to protect the whole sector? serviceface would be -- would be far better than anything the government could do. we need them to do that for the government can focus on what we want to do. swarmswere talking about and a change in war fighting. your best platforms, your birth -- best payloads. what about personnel? are we looking at the same industry in 20, 30, 40 years? can technology replace that? i think technology can certainly aid in taking ground. when it comes to holding ground and building up a security infrastructure that is something that is going to require personnel action. could we use robotic systems?
11:20 am
absolutely. i think there are a lot of opportunities. we could look at something like a modern-day robotics experiments with maneuver warfare. thank you. thank you mr. chair. >> thank you mr. chairman and thank you to the witnesses. you talkedxander, about the number of cyberattacks on governmental agencies that are occurring with radiofrequency. 350ink you said cyberattacks, i'm not sure what unit of time that was. give us a good example of a counter cyberattacks that the united states has undertaken. give me a good example of something we have done in response. senator, i can't give you
11:21 am
that in this forum but i think that is something that would be good to discuss in a classified session. thisjust want to make point. i thought that was going to be our answer. there is not a deterrence doctrine if people don't know what the response is going to be. the president said he was going to send, -- more troops to syria. i know how many bombing raids we .ave done in isa -- on isil when the american public and policymakers read over and over again about cyberattacks on the .ation they are very public but when we can't discuss even when -- with the committee in a public setting what we're doing in response it kind of leads to a little bit of a feeling that we are impotent against these attacks. and i know we are not. but if we can talk about troop but we cannot talk
11:22 am
in open session about what we do in response to cyberattacks that are every bit as in the public news as the bombing campaigns, i think it really leads to a sense of helplessness by the public and the committees themselves. i hope we can follow up and talk about this. >> let's go hypothetical instead of actual. we can talk about hypothetically -- >> i would rather move to another topic. hypotheticals are great. why can we know actual in so many rounds of what we know who we're not going to talk actual about this? we certainly hear about the actual attacks on us. that raises a question i would like to explore more. >> it is very interesting hearing all your great testimony , and the title was provocative. a lot of this discussion has been easy -- about technological
11:23 am
issues. one of the questions is the questions about unilateral partners. we were attacked on 9/11 by al qaeda and we immediately assembled a coalition that amounted to about 60 nations to try to respond to that. the first thought after the attack on pearl harbor was not, we have to go out and assemble a coalition although there were other nations obviously. is there something unique about the future, certainly the current, and the future of warfare that renders this whole idea of coalitions kind of more of a common feature? feature that was built with nine partner nations. talk about coalitions and alliances in the future of warfare. i'm curious to hear your thoughts about that. could, in the cyber
11:24 am
realm we would be much better .ff think about the undersea cables. they come from the united kingdom to us. the united kingdom and europe, if they had a similar approach to cyber security and they agreed to defend their aunt, we defend our and, we have now moved our defense to europe. i think that is very good thing. we could do things like that. i do believe there is much need for collaboration. him -- in allings the issues you have with civil liberties and privacy, because all of those nations see it differently. >> i would say the benefit that we get from coalitions is primarily nonmaterial. i would argue that they don't necessarily bring a lot of cable the ladies -- military capabilities to bear that are actually easily applied. it actually makes it a lot
11:25 am
harder to try to do with multiple nations. but the difference is access to areas that we would obvious -- otherwise not be able to monitor, and it also affects the political coverage. if we can demonstrate th that is the way that we are used to operating it will drive our competitors or adversaries into a consolation where they realize well, i am not just going to be upsetting the united states but also a number of my other neighbors, which could create other problems down the road politically for them. there may be a political benefit in the long run to my -- managing things from a coalition. >> thank you mr. chairman. alexander, do we have a stated doctrine with regard to , do we a cyber attack have a defined limit where we identify something as an act of war is our defense, our energy,
11:26 am
resources are attacked? >> the only thing that i know that comes close to that is the president statement in 2009 about how we would respond to losing any form of power, cyber, military, diplomatic. there are no rules of the road in cyber. i think wargames can help tighten some of that up. >> would anyone disagree with that analysis? >> i would add one thing. one of the challenges with cyber is if you try to use cyber capability to respond to a cyber makingyou manned up clear to the adversary the access that we have into his networks. one problem we have if we don't want to burn the source. are attacked in cyberspace we might need to go to some other means to respond because we don't want to give up the fact that we have access to his networks and are able to monitor his activities. we might be a little take advantage of the attacks actually gain new access.
11:27 am
>> the key is not the means. it is not that it is cyber. it is the end of fact which will determine it. whether it is through cyber or missile, whether causes loss of life or physical damage, even if a fire thatup killed hundreds of americans we would not take gosh, you use matches not cyber or a missile. cyber can be a little bit of a misdirection. >> do we need a different doctrine to determine whether or not a cyber act is an act of war? >> i would say so. we need to have a more clear definition of what we think constitutes an attack they would be meriting of her response. because we do that in the physical realm to a much greater degree, and obviously this gets built up as a body of action over time.
11:28 am
it is president that does it -- president that does it -- pree e cedent that does it to some extent. >> what we cannot do is walk into a war because we did not understand that this would be an act of war. so if something were to attack one of our nato allies and cause a disruption, what constitutes an act of war is not really clearly stated. inre has been a lot of stuff the holland papers that have been written, but it does not get to the point that this is clear. i think we need to have those discussions in the classified and unclassified realm. and i do agree with the intent of the individuals. if their intent is to do harm i think you now need to look at 5 [indiscernible] >> should there be an act of war in the cyber realm? i think ideally you can
11:29 am
prevent it, but if you could not prevented there are now two things going on. andlience in your networks set a whole series of actions, for political, economic, genetic, military, cyber, there are a lot of things he could do to stop the nation from communicating with other tools. i think those types of capabilities and wargaming our analysis to the way we did armored warfare 70 years ago. >> sometimes we talk about this in a way in which we have a tendency to scare ourselves because we are talking about how serious this can be. do we have the capability and resources right now to actually respond should we have that kind of a cyber attack that would amount to -- if we define it properly -- an active war? are we in a position today is a country to respond to an act of war? 40 offensive teams
11:30 am
created at u.s. cyber command. those teams have some great capabilities. it does not cover the whole world but it gives you a great starting point. i think that the first thought was in 2010, let's set up the initial structure that we need, set it up in terms of offense and defense with teams that could actually do actions to defend the country. >> does anyone have anything to add? >> i would just add two things. of first is the idea assuming that our response would if someonelimited carries out an active war against us using cyber means. we are not and should not be limited in our response. that is why we are seeing that kind of deterrence. , wesecond thing to note have built up great cyber offense capability. there are many things the minister did, one of the other
11:31 am
things he did was revealed that we have very potent cyber offense capability. i would add though, to those that believe the link up more will deliver deterrence, the question is why has been on deliver deterrence yet? we have great offense yet the attacks have continued to come. that is why i go back to we need making ourselves more resilient both the military and civilian so we can shrug off of the tax which therefore make the attacks less productive and less likely to harm us. >> thank you mr. chairman. >> thank you mr. chairman. dr. singer, i must complement .ou to found a technology firm called neo-luddite is an act of genius. i also enjoy your church help quote. one of my favorites is he was once asked how he thought
11:32 am
history would treat his role in world war ii. his response was, there he well, because i intend to write it. deterrence, and i think turnarounds really hit the point and i think we should follow up on this, is the question of what is an act of war and when will you respond? if an act of war is not defined your opponent has to know that you are going to consider it an act of war and that there will be a response. mr. singer, i think your point is well taken. it does not necessarily have to be a cyber response, but i do think that there needs to be some response. ultimately,y denial you have to have some offensive capability. you have to be able to punch back or you are simply always on a defensive. heuer nodding your head, i assume you agree with that concept. >> i very much agree.
11:33 am
i will consummate you in turn. thank you for your kind words. i have an article coming out next week on this question of deterrence and the three approaches are what we have wrestled with. it is one, to set very clear norms so that both sides understand what is and is not an act of war so that there is no miscalculation. the second is to understand that you can respond but you can respond with many other means in it isther ares bank and not just through military. it may be to trade, it may be through espionage. there is a far more complex game going on than the cold war when your only response was you hit me with a nuke i hate you back. and the other one is turned by denial, the idea of civilian involvement. the current by denial -- deterrence by denial is an
11:34 am
incredibly useful concept not just against state level attacks but also against all the other attacks of their, whether it is not state actors or criminals. on that point, general, good to see you again. i think the point you make that i had not really thought about was the idea of a joint, private effort,yber security perhaps facilitated by the government but not with government involvement, so we do not have the privacy issues oriented it strikes me as inefficient in the extreme to have bank of america spending billions on cyber security when in reality they are all chasing the same problem. it may be that a consortium similar to -- as i recall there was a semiconductor consortium some years ago to deal with the innate joint way. that might save the private sector a lot of money. the government could just act as a facilitator.
11:35 am
clark, i think an important point has been made today and was made the other day. instead of building weapon systems that have absolutely everything, that are going to last 40 years and therefore by definition be obsolete, we all ought to be building modernist -- systems that can be modernize on-the-fly rather than starting all over again. is that essentially what your testimony was? >> yes. it gives you the ability to take systems. of the we talked about moore's law and in that were. -- results doubling computer power every 12 to 18 months. computers are really the heart of the system today. we should take advantage of the fact that that cycle is going to be so fast and develop those payloads on a much faster
11:36 am
timeline. >> trying to develop a weapon system that has everything for everybody at one time that will be fixed in time is just the wrong way to go. if i define my requirements in isolation from what the technology might be in a new -- near-term timeframe i and up aspiring -- i end up aspiring to something that will never exist. mr. singer, if your article has not gone to the press i would urge a quote from robert frost, good fences make good neighbors. if people know where the rules are that is where you can avoid conflict. final question just for the record. chillinglexander, very in your early testimony that we will not have time for human decision-making in responding to some of these kinds of attacks.
11:37 am
in other words the 30 minutes or an hour for the missiles is now a matter of seconds. warquestion is how do we game and prepare a response that can be done instantaneously without the intervention of human discretion. . think that is an issue my time has expired but i think that is an issue that deserves some serious thought and discussion. thank you gentlemen very much. it has been very illuminating. where --d suggest the words of chairman mao. it is always darkest before it is totally black. >> gentlemen, thank you for your support for our nation and so many varying ways. i think the session today has been very that -- beneficial for all of us. general alexander i would like to start with user. we have spent a lot of time talking about the cyber threats that exist out there and this devastating effect to our networks should they be attacked
11:38 am
or when they are attacked. and really the ability to recruit and retain talent to deal with the cutting edge threats that are out there. what i would like to know is a little bit more. how can we utilize our reserve and our armed forces to bring in some of the best and the brightest? we have a lot of folks that certainly serve in very similar compassion -- capacities and their civilian employment. is there a way we can use them to leverage our forces? >> that is a great question. we were doing that and i know that continues. each of the national guardsmen are setting up cyber teams that would also help, and as you note, some of these have some of the best technical experts in civilian industries that partner with us. we go out to washington, the state of washington, microsoft employees. all around the u.s.. i think there are some great partnerships there, and it also
11:39 am
gives you the opportunity to bring those into active duty when you need them and then take them off. it also helps provide security for the state and local governments. think that is wonderful. i know that in my transportation company we have some computer whizzes working in the civilian industry. they were truck drivers when we are modified. and i know that we have spent some time talking about future personnel, generations in our department of defense. visit a little bit with you again about the national guard and reserve and where you see their role in the future whether army, navy, air force, marines. >> thank you senator. i think this issue of civilian expertise is a unique capability
11:40 am
that the national guard brings to the table. this example of computer experts driving trucks. i saw inactive reserves, many similar things. things are misaligned or not as well aligned as they could be. inside the department to actually identify those skills and allow them to be tracked inside the department so that if the nation needs to draw upon that it can know who are these experts. that would be extremely valuable build onnk a way to the skills and capabilities. >> i think that is a great idea. i know that we do identify many of our civilian through the garden and the reserve, but i they truly pay
11:41 am
attention to that and i think we have a lot of talent and abilities that can be better utilized on active duty force. willou think that the dod continue to rely heavily upon our guard and reserve as we move into future conflict in outlying years, as heavily as they have made in the past 14 years? >> i think they will continue to play a valuable role. a lot of guardve and reserve members and they have given a lot in the last 14 years. they will continue to be a valuable contributor in the future. thank you. i will move onto a different topic. mr. clark, maybe you can assist. there is a letter regarding our concern for russia's activities near some of our underwater cables. this is very concerning because the cables carry everything from sensitive information, , many of these
11:42 am
things that are vital to our economic stability. i know that it is a very sensitive topic, but i think it is pretty vital that we start talking about our interests in underwater fiber-optic cable. are you concerned at all about the security that either exists or does not exist out there, and if you could expound on that please. >> i am very concerned about it. those cables carry trillions of dollars in financial transactions every year, about 90% of the world economy runs on undersea cables. the russians for a long time have had an undersea program where they go and look underwater, and they had taken an interest recently in the cables. by the areas that they are operating that they are looking for something down there . out in the open ocean these undersea cables are fairly hard
11:43 am
to find, because you have to search a large area. but in the areas where they have their landings on the united states or in europe or the middle east they are easy to locate and then traced back. is inncern we would have conflict they could be easily broken. they are broken faith -- fairly regularly today as a result of anchors. today the responsibility for replacing those cables lies with calltry, so they have on teams they go out and fix them. you are talking about time frames of weeks or months. have isoncern i would our ability to rapidly respond to these kind of attacks. and then we need to be able to have better monitoring capabilities in the vicinity of these landings, where it is a target rich environment for
11:44 am
undersea vehicles or a ship that is coming up to port, or a remotely operated vehicle to attack them. but there are technologies out there that can provide the ability to monitor them pretty well. being able to find something small like dr. singer talks about is going to be really hard . we need to come up with better capabilities to detect these very small underwater vehicles. it is a huge potential vulnerability that could be exploited in peacetime or in war. >> i agree. thank you for a much. i appreciate this. i think this is something we need to turn our attention to also. >> thank you mr. chairman and to all of you testifying. the department of defense has used a technology of quality over quantity to stay ahead of the other countries.
11:45 am
at one of the other hearings we had we learned we have fallen rely onn our ability to our technical superiority. do you share that view, and if so, what are some very fundamental steps we should be taking in order to increase our technological capacity? any of you can answer. >> ok, i will start. i think one of the main factors is time. how do we shorten the time by which we develop major programs? mr. clark talked about modularity, thinking about payloads. but also in terms of upgrade software. there are even some more sort of fundamental shifts people are thinking about. the program that i mentioned , thinking about basically taking a major platform and ripping apart entirely into a larger number of
11:46 am
basically just the payloads that are all interacting together. that is something they were experiment with. >> so are you saying that we should spend more money or is it also the way the money is spent? >> i think the way we spend the money is absolutely critical. >> and how would you change how we are spending our money? >> the process in the department is very decentralized and fragmented. focus.more centralized there are efforts underway that i think are beneficial in that regard. >> senator, i would just add i butk it is both the way -- we clearly don't spend enough on r&d and we have seen presented as go down on the government side and as a nation.
11:47 am
qualityssue of quantity , it is not just in terms of the weapon system, but simply if you run out of missiles for today in a fight you have to exit. you may survive but you divert to the enemy in that time. >> did you want to? >> i just have one more thing. r&dad a pretty good idea in . it is not well focused and we talked about. in addition, industry used to do a lot of internal research development with their own money to explore military possibilities that might be beneficial in the future. they have produced that significantly. thatey have reduced significantly and there are number of things the department is doing that has this incentivized -- that -- this disincentivized
11:48 am
that. >> perhaps one of the ways that we incentivize the private sector to have the potential of -- whatgy transfer impact do you anticipate our reliance on fossil fuels will have on the potential effectiveness of our future war fighters, and what is your assessment of the department progress in terms of reducing its reliance on fossil fuels? >> i think there are a couple key reasons to do so. one is strategic risk and vulnerability. the other one is cost. but an important one is alternative energy solutions to ,elp increase the endurance particularly robotics that we can put on the battlefield. that'll set -- batteries, fuel
11:49 am
cells, they can allow us to put persistent surveillance out there to monitor the enemy for months or years in a time. about not to much fossil fuels as it is just reducing our energy dependence in general. project is over a very long distance because of all of our friends and allies are an ocean away from us so we are transferring those forces over a long distance. reducing the amount of energy they need in general would the important. the idea of going to new battery technologies that are able to riod ofr a very long pe time and be be charged by the sun or at some docking station would be a very good way for us to reduce the tether. right now we are refueling aircraft and ships with other
11:50 am
ships, and then we have to reveal that shift. aircraft obviously have to operate a much shorter. period of time. >> thank you. chair.k you mr. sorry, we had to step out for a few minutes. we were actually celebrating the birthday of the marine corps. we welcome the chair and the ranking member as members of the navy and the army. gentlemen, thank you very much for your testimony. general alexander, i was actually struck by your well,ony in one area -- in a couple areas.
11:51 am
one of the things we have been hearing about in terms of cyber is the notion that we are constantly being attacked, and you mention it in some of the dollars and statistics you have in your testimony on cybercrime. it is really eye-popping. but there has been this notion of us being on defense, defense, defense. one thing that i like about your testimony is that you talked about offense, where we have invented a lot of this technology. we are the leader still. there is all kinds of opportunities for offense. could you just provide some examples of that? the chairman's opening statement about turning technology into offensive advantages i think were very illuminating from an historical perspective, the are some opportunities in terms of offense? well there are a noble of
11:52 am
offensive capabilities. i think first and foremost you have to be able to see with the adversary is doing, hence the need for the commercial sector to be part of the solution. if you think about how to computer actually talk -- i want to talk to you you come back and say on this channel, that takes time. computerink about some trying to get in well that is happening, if the government can see at the government can stop , or stopleast delay it the router or do things that. so what you have are opportunities to change what is happening in cyberspace with offensive tools that would defend the country. the issue comes down to what would you authorize, for example , cyber command to do in order to defend? you might say i'm going to let you do everything you can but i don't want you to destroy the system.
11:53 am
the strength systems will go a step further. but technically seek -- speaking, you have seen is, you could destroy a computer in cyberspace by doing certain things to it. the technical ability is there. it is public record. now all you need is access. how you get into that access is where you take the capabilities of the nsa with cyber command and fbi and put those together. so you have tremendous opportunities, and i think when we look back at our capability you look at -- we are the most integrated networked society in the world. you look at hours on the defense and you say, we are broke. if we throw rocks, here are all these glass windows. >> let me ask a related question. i know there has been a lot of discussion in his testimony on deterrence, or raising the cost
11:54 am
of cyberattacks. it seems to me -- and i would welcome any opinions -- if you are an authoritarian regime like russia or iran or china, they in some ways have an advantage because they can just deny and lie and say we had nothing to do with that, even though they did and they do. but you mentioned one example. attacking ourere -- if the armenians were attacking our financial system would it make sense for us to say publicly, if you do that again we will crash your entire financial sector. is that the kind of thing that we should be looking at in terms of raising the cost? it seems to me if you are an authoritarian regime you can lie about who is doing it, but the cost of all of these attacks is almost minimal, because we do not react. should we maybe look at being a little bit more public and upping the ante in saying if you do this we will respond?
11:55 am
in some of these countries i am sure we could crash their whole economy. withwould be a problem that kind of deterrent that makes it a little more transparent raises the cost dramatically? of course if we announced that we would have to act. i am curious. any of the panelists, what would you think of something a little more transparent from our perspective, and do we have a disadvantage when we are dealing with authoritarian regimes that routinely lie? >> one thing you have to think about is the fact that the deterrent action might need to be proportional with the action it is intended to deter because it will not have credibility otherwise. if we say that because the iranians are attacking on our banking sector that we would crash there -- their financial system, that might not be proportional and therefore they would not find it a credible threat. action butr further
11:56 am
may be seen by the international community as being highly disproportionate. so we might need to come up with a more proportional reaction so that the adversary will say, well, he would actually do that. that gets to wear may be the response needs to be not in cyberspace but in another domain. for example, electronic warfare, small attacks -- on oil is a sector. those could all be undertaken with relatively small amount of collateral effect well demonstrating the result of the united states being able to do something we could repeat. but it does not cause such a huge damaging reaction that people don't think we've ever use it. not in termsnge is of the old bad mutual assured distraction. we are far more vulnerable to cyber attacks in north korea but that is actually a good thing, because we are integrated with the global economy.
11:57 am
we have freedom. we would not want to be in the situation they are in, echoing the point of looking at other concerns. i would add one more thing. when we are talking about offense and steering cyber command to taking on these roles , it is moving it and asked -- and us away from our role in clear warfare is self. the determinant of success and failure in future warfare with cyber will not be individually, but in terms of how integrated are we with other were fighting capacities. the more we focus on the power grid the less it is integrating that capability in terms of -- you asked in war -- using it to take down and aired defense -- air defense. for example, israel. so be careful of steering cyber command more towards civilian roles.
11:58 am
it may lead us to success in non-war but set us up for a fall in real war. >> i just want to add some clarity to that to make sure that from my perspective you understand. commercialan get industry to help is through their product. put cyber command and our defense to permit cannot work without the industry sector. our defense department needs to defend the nation. >> i'm not proposing that they go in and prop up any internet company. help them build the right cyber security so we know they can defend themselves and call for help when they need it, and then push that out beyond the boundary. defense department has to think more comprehensively about this whole thing. that is part of it. but my concern is i would go after our infrastructure.
11:59 am
that is what the chinese approach to warfare is, so i think we have to put all that on the table. >> thank you mr. chairman. i want to thank all of you for being here. i wanted to follow-up general alexander on something you had in your prepared statement. you wrote that russian intervention in the ukraine and syria is just a start to a potential series of actions that could potentially reshape the international environment. so i wanted to get your take on what comes next with moscow, and what should we be doing to respond. >> my greatest concern is eastern ukraine. i think everything that is going to get moretin closure on eastern ukraine, where the weapons platforms he really cares about are created.
12:00 pm
i think he wants control of that , and i think by pushing what he has there is nothing i have seen it would indicate he is going to stop doing that. i think he will lie and do everything he can and then helped that happened. push -- a great way to think of it as a think. that feint. he is doing that by helping to shape what he thinks of the best proxies for russia, syria, and iran in the region. he winced twice -- wins twice. people are still dying in eastern ukraine. it focuses everybody on syria. i would not be surprised if over the next six months we see some more action in eastern ukraine at the same time. with respect to syria what i'm concerned about is a tension that creates up to a point where get to where we have to fire back aga r

6 Views

info Stream Only

Uploaded by TV Archive on